2 matches found
CVE-2005-2215
MediaWiki is affected by a Cross-site scripting (XSS) vulnerability in versions before 1.4.6 (1.4.x) and before 1.5beta3 (1.5.x) due to unsanitized input in the page move template parameter. The issue allows remote attackers to inject arbitrary web script or HTML into pages. The description does ...
MediaWiki 1.4.x < 1.4.6 / 1.5.x < 1.5.0 beta3 Page Move Template XSS
According to its self-reported version number, the installation of MediaWiki running on the remote host is affected by a cross-site scripting vulnerability due to a failure to sanitize user-supplied input passed to the page move template. A remote attacker can exploit this to inject arbitrary HTM...